Cloud Security Alliance STAR Programme
The challenge
Demand for verified cloud security
As a growing majority of companies now rely on 3rd party cloud-based environments for business services, there is a demand for those organisations to prove their security credentials.
The role of the CSA STAR registry
The Cloud Security Alliance (CSA) operate the Security, Trust, Assurance, and Risk (STAR) Registry which is a publicly accessible registry that documents the security and privacy controls provided by popular cloud computing offerings. STAR encompasses the key principles of transparency, rigorous auditing, and harmonisation of standards outlined in the Cloud Controls Matrix (CCM).
Complexity of the cloud controls matrix
Navigating through the CSA Cloud Controls Matrix (CCM) can be onerous as the current checklist includes 261 questions across all relevant aspects of a cloud computing provider’s security.
The service
BH Consulting provide CSA Cloud Controls Matrix Readiness Assessments and alignment services
As well as assistance to align with the security controls in the Cloud Controls Matrix, services also include:
BH Consulting help cloud providers to understand and meet the requirements of the Cloud Controls Matrix (CCM) and then assist them to complete the Consensus Assessments Initiative Questionnaire (CAIQ) to document compliance with the CCM.
This information then becomes publicly available, promoting industry transparency and providing customer visibility into specific provider security practices. STAR Self-Assessments are updated annually.
Benefits
TISAX compliance provides competitive advantage in the Automotive sector and helps with the renewal of existing supplier contracts
Helps to improve business processes and keep confidential data secure
Addresses automotive-specific requirements and establishes a common level of information security in the industry
Testimonials
“We engaged the services of BH Consulting in September to act as our DPO. Our DPO Annemarie, understands the way in which we work and has completely adapted her approach to suit our needs. I couldn’t recommend Annemarie and the team at BH consulting highly enough.”
“The expertise BH Consulting provided to ensure we have a robust GDPR compliance framework in place was great. We would have no hesitation recommending BH Consulting to others in a similar position.”
“Make-A-Wish Ireland has been working with BH Consulting for three years and have found them to be incredibly supportive. The support we have been given is practical, logical, and most importantly calming. We would highly recommend any company to work with BH Consulting.”
“BH Consulting have been our CISO since February 2019 and we have found their expertise to be extremely beneficial. We really like the fact that they are independent and not tied to any vendors or solutions.”
“BH Consulting provide a reliable and valuable service to our organisation. Their expertise and continued guidance has been a great support to us since the introduction of GDPR.”
Why get in touch with BH Consulting
BH Consulting is a trusted, independent cybersecurity and data protection consultancy with over 20 years of experience. Whether you need expert guidance on compliance, risk management, or security strategy, our team delivers practical, vendor-neutral advice tailored to your needs.
- Trusted by global brands and public sector bodies
- ISO 27001-certified team with deep domain expertise
- Proven track record in delivering real-world solutions
- Flexible services: CISO/DPO as-a-Service, audits, training & more
Let’s start a conversation about securing your business.
